Minimum ssl certificate type
We run webaccess and currently self-sign. This of course
results in a warning for our users (employees). I am
looking at getting an ssl certificate but don't know which
type is needed. Seems like most certificate authorities
have a quickie ssl which requires very little verification
and a standard ssl which requires more information. I don't
need an EV certificate.
So, can I get by with the cheapest certificate to avoid the
warning message??
Chris
It really depends on what Windows and/or the browser recognizes as a trusted CA. We use Trustwave certs for our WA SSL. Windows and IE trusts them, though Firefox doesn't seem to. However, at least Firefox can always trust it, unlike Win/IE.
We used Verisign initially, and they were around $2k for a 3-year cert. Trustwave was about $200 for the same. So we switched and haven't looked back. We also have several other webapps that use Trustwave certs.
HTH,
Aaron
Similar Messages
-
Web server type of standalone oc4j needed for SSL Certificate
Hi,
We have a standalone oc4j 10.1.3 that hosts an application whose many of its pages use https and so we need to buy SSL certificate from any of CAs like Verisign, GeoTrust, etc.. All of these CAs are asking us about the web server type that the standalone OC4J uses. I read the following statement from this url:
http://download.oracle.com/docs/cd/B32110_01/web.1013/b28950/intro.htm#JICON100
"communications in a standalone environment is provided through the built-in *_OC4J Web server_*, which supports HTTP and HTTPS communications natively without the use of the Oracle HTTP Server"
On all of the SSL certificate systems of above CAs websites, they ask us to choose the web server type from a list of server types but I don't see OC4J web server listed and I am told that it is very important to make sure the web server type is correct otherwise the SSL Certificate that we buy may not be compatible with our web server type.
So, I like to know the exact built in web server type name that goes with Standalone OC4J or one that is closest and for which SSL Certificate is compatible.
Shown below is a list of web server types that I am asked to choose from on Verisign website.The closest to standalone oc4j according to below list is Oracle Wallet Manager but isn't this meant for Oracle Application Server (OAS) and not the standalone OC4J? we are using the java keytool to generate the CSR that we look to sign it via the verisign but again we are not sure about the web server type in the case of standalone OC4J that is not listed below. Please advice and thanks in advance to any of your responses in helping out.
Webstar 4.x
ApacheSSL mod_ssl
WebLogic 6.0
WebLogic 8.1
Cisco
ACS 3.2
Covalent
Apache ERS 2.4
Apache ERS 3.0
F5
BIG-IP
IBM
Websphere MQ
HTTP Server
Lotus
Domino 5.0
Domino 6.0
Domino 7.0
Domino 8.0
Windows NT - IIS 4.0
Windows 2000 - IIS 5.0
Windows 2003 - IIS 6.0
Windows 2008 - IIS 7.0
Exchange 2007
iPlanet 4.x
iPlanet 6.x
ScreenOS
SSL Accelerator
Oracle Wallet Manager_
Secure Web Server
SSL Offloaders
Stronghold
Java Web Server 6.x
Sun ONE
AS Server w/IIS 4
AS Server w/IIS 5
EA Server
Tomcat
ZeusHi Zeus,
Type of certificate depends the method you will use to deploy the certificate on your application server.
Please refer the links,
http://download.oracle.com/docs/cd/B31017_01/web.1013/b28957/configssl.htm
http://download.oracle.com/docs/cd/B14099_19/core.1012/b13995/wallets.htm#ASADM400
http://download.oracle.com/docs/cd/B14099_19/web.1012/b14013/configssl.htm
Regards,
mYth -
Verisign SSL certificate Encryption
At present in our application, we are using weblogic server-7.0 with SSL Certificate of 40 bit minimum to 256 bit for SSL encryption. Does anyone know if our application can use the 128 - 256 bit encryption certificate instead of same weblogic server 7.0?
Hi,
by default Weblogic 7.0 does not supports only 56 bit of SSL encryption.
At the highest WLS 7.0 can be enabled for 128 bit SSL encryption but for that there is a need for a separate license for which you need to contact Oracle Weblogic Support.
The type of SSL encryption does not depends upon the SSL certificate because almost all of the SSL certificates available does support 256 bit encryption.
The 128-256 SSL encryption generally depends upon the Client JDK and the Ciphers(JCE/ algorithms) being used at the client end because it is the client which always initiates the SSL communication and the client presents the list of ciphers it supports and the server has to only choose from that list of algorithms.
So, to conclude WLS 7.0 uses by defaKult JDK 1.3_6 and JDK 1.3 by default does not have the algorithms to support 256 bit SSL encryption.
WLS 7.0 will not support 256 bit SSL encryption.
Hope this helps.
Thanks,
Sandeep -
Cisco ASA 5505 and comodo SSL certificate
Hey All,
I am having an issue with setting up the SSL certificate piece of the Cisco AnyConnect VPN. I purchased the certificate and installed it via the ASDM under Configuration > Remote Access VPN > Certificate Management > Identity Certificates. I also placed the CA 2 piece under the CA Certificates. I have http redirect to https and under my browser it is green.
Once the AnyConnect client installs and automatically connects i get no errors or anything. The minute I disconnect and try to reconnect again, I get the "Untrusted VPN Server Certificate!" which isn't true because the connection information is https://vpn.mydomain.com and the SSL Cert is setup as vpn.mydomain.com.
On that note it lists the IP address instead of the vpn.mydomain.com as the untrusted piece of this. Now obviously I don't have the IP address as part of the SSL cert, just the web address. On the web side I have an A record setup to go from vpn.mydomain.com to the IP address of the Cisco ASA.
What am I missing here? I can post config if anyone needs it.
(My Version of ASA Software is 9.0 (2) and ASDM Version 7.1 (2))It's AnyConnect version 3.0. I don't know about the EKU piece. I didn't know that was required. I will attach my config.
ASA Version 9.0(2)
hostname MyDomain-firewall-1
domain-name MyDomain.com
enable password omitted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd omitted
names
name 10.0.0.13.1 MyDomain-Inside description MyDomain Inside
name 10.200.0.0 MyDomain_New_IP description MyDomain_New
name 10.100.0.0 MyDomain-Old description Inside_Old
name XXX.XXX.XX.XX Provider description Provider_Wireless
name 10.0.13.2 Cisco_ASA_5505 description Cisco ASA 5505
name 192.168.204.0 Outside_Wireless description Outside Wireless for Guests
ip local pool MyDomain-Employee-Pool 192.168.208.1-192.168.208.254 mask 255.255.255.0
ip local pool MyDomain-Vendor-Pool 192.168.209.1-192.168.209.254 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address Cisco_ASA_5505 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address Provider 255.255.255.252
boot system disk0:/asa902-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup inside
dns server-group DefaultDNS
name-server 10.0.3.21
domain-name MyDomain.com
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network MyDomain-Employee
subnet 192.168.208.0 255.255.255.0
description MyDomain-Employee
object-group network Inside-all
description All Networks
network-object MyDomain-Old 255.255.254.0
network-object MyDomain_New_IP 255.255.192.0
network-object host MyDomain-Inside
access-list inside_access_in extended permit ip any4 any4
access-list split-tunnel standard permit host 10.0.13.1
pager lines 24
logging enable
logging buffered errors
logging asdm informational
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-712.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static Inside-all Inside-all destination static RVP-Employee RVP-Employee no-proxy-arp route-lookup
object network obj_any
nat (inside,outside) dynamic interface
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XX.XX 1
route inside MyDomain-Old 255.255.254.0 MyDomain-Inside 1
route inside MyDomain_New_IP 255.255.192.0 MyDomain-Inside 1
route inside Outside_Wireless 255.255.255.0 MyDomain-Inside 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
action terminate
dynamic-access-policy-record "Network Access Policy Allow VPN"
description "Must have the Network Access Policy Enabled to get VPN access"
aaa-server LDAP_Group protocol ldap
aaa-server LDAP_Group (inside) host 10.0.3.21
ldap-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
ldap-group-base-dn ou=MyDomain,dc=MyDomainnet,dc=local
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *****
ldap-login-dn cn=Cisco VPN,ou=Special User Accounts,ou=MyDomain,dc=MyDomainNET,dc=local
server-type microsoft
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http MyDomain_New_IP 255.255.192.0 inside
http redirect outside 80
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint LOCAL-CA-SERVER
keypair LOCAL-CA-SERVER
no validation-usage
no accept-subordinates
no id-cert-issuer
crl configure
crypto ca trustpoint VPN
enrollment terminal
fqdn vpn.mydomain.com
subject-name CN=vpn.mydomain.com,OU=IT
keypair vpn.mydomain.com
crl configure
crypto ca trustpoint ASDM_TrustPoint1
enrollment terminal
crl configure
crypto ca trustpool policy
crypto ca server
shutdown
crypto ca certificate chain LOCAL-CA-SERVER
certificate ca 01
omitted
quit
crypto ca certificate chain VPN
certificate
omitted
quit
crypto ca certificate chain ASDM_TrustPoint1
certificate ca
omitted
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside client-services port 443
crypto ikev2 remote-access trustpoint VPN
telnet timeout 5
ssh MyDomain_New_IP 255.255.192.0 inside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable
ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1 rc4-md5 des-sha1
ssl trust-point VPN outside
webvpn
enable outside
anyconnect-essentials
anyconnect image disk0:/anyconnect-macosx-i386-2.4.1012-k9.pkg 3
anyconnect image disk0:/anyconnect-linux-2.4.1012-k9.pkg 4
anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 5
anyconnect profiles MyDomain-employee disk0:/MyDomain-employee.xml
anyconnect enable
tunnel-group-list enable
group-policy DfltGrpPolicy attributes
dns-server value 10.0.3.21
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client
default-domain value MyDomain.com
group-policy MyDomain-Employee internal
group-policy MyDomain-Employee attributes
wins-server none
dns-server value 10.0.3.21
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split-tunnel
default-domain value MyDomain.com
webvpn
anyconnect profiles value MyDomain-employee type user
username MyDomainadmin password omitted encrypted privilege 15
tunnel-group MyDomain-Employee type remote-access
tunnel-group MyDomain-Employee general-attributes
address-pool MyDomain-Employee-Pool
authentication-server-group LDAP_Group LOCAL
default-group-policy MyDomain-Employee
tunnel-group MyDomain-Employee webvpn-attributes
group-alias MyDomain-Employee enable
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:1c7e3d7ff324e4fd7567aa21a96a8b22
: end
asdm image disk0:/asdm-712.bin
asdm location MyDomain_New_IP 255.255.192.0 inside
asdm location MyDomain-Inside 255.255.255.255 inside
asdm location MyDomain-Old 255.255.254.0 inside
no asdm history enable -
Is there a way to change the CSR for install SSL Certificate for CCMADMIN
HI there,
Our customer want a solution for the https failure on CCMAdmin and CCMUser sites.
For that, I have exported a csr to buy a ssl certificate from verisign.
The problem is the csr includes fqdn an not just the servername
But the users just have to type in the servername to reach the server.
Is there a way to export a csr which include as common name only the server name without changing the domain settings in the cucm?
thanks
MarcoHi
You can go to the server via SSH, and enter the 'set web-security' command with the alternate-host-name parameter:
Command Syntax
set web-security orgunit orgname locality state country alternate-host-name
Parameters
• orgunit represents the organizational unit.
• orgname represents the organizational name.
• locality represents the organization location.
• state represents the organization state.
• country represents the organization country.
• alternate-host-name (optional) specifies an alternate name for the host when you generate a
web-server (Tomcat) certificate.
Note When you set an alternate-host-name parameter with the set web-security command,
self-signed certificates for tomcat will contain the Subject Alternate Name extension with
the alternate-host-name specified. CSR for Cisco Unified Communications Manager will
contain Subject Alternate Name Extension with the alternate host name included in the CSR.
Typically you would still use an FQDN, but a less specific one (e.g. ccm.company.com)...
Regards
Aaron
Please rate helpful posts... -
How do I install this self-signed SSL certificate?
I haven't been able to connect to the jabber server I've been using (phcn.de) for quite some time now, so I filed a bug report with mcabber. The friendly people there told me to install phcn.de's self-signed certificate, but I can't figure out for the life of me how to do that.
I know I can download something resembling a certificate using
$ gnutls-cli --print-cert -p 5223 phcn.de
Which does give me something to work with:
Resolving 'phcn.de'...
Connecting to '88.198.14.54:5223'...
- Ephemeral Diffie-Hellman parameters
- Using prime: 768 bits
- Secret key: 767 bits
- Peer's public key: 767 bits
- PKCS#3 format:
-----BEGIN DH PARAMETERS-----
MIHFAmEA6eZCWZ01XzfJf/01ZxILjiXJzUPpJ7OpZw++xdiQFBki0sOzrSSACTeZ
hp0ehGqrSfqwrSbSzmoiIZ1HC859d31KIfvpwnC1f2BwAvPO+Dk2lM9F7jaIwRqM
VqsSej2vAmAwRwrVoAX7FM4tnc2H44vH0bHF+suuy+lfGQqnox0jxNu8vgYXRURA
GlssAgll2MK9IXHTZoRFdx90ughNICnYPBwVhUfzqfGicVviPVGuTT5aH2pwZPMW
kzo0bT9SklI=
-----END DH PARAMETERS-----
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
- subject `CN=phcn.de', issuer `CN=phcn.de', RSA key 1024 bits, signed using RSA-SHA, activated `2009-05-04 08:26:21 UTC', expires `2014-04-08 08:26:21 UTC', SHA-1 fingerprint `d01bf1980777823ee7db14f8eac1c353dedb8fb7'
-----BEGIN CERTIFICATE-----
MIIBxzCCATCgAwIBAgIINN98WCZuMLswDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UE
AwwHcGhjbi5kZTAeFw0wOTA1MDQwODI2MjFaFw0xNDA0MDgwODI2MjFaMBIxEDAO
BgNVBAMMB3BoY24uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALqS+tnB
tNruBGdcjw0o+BWSdfkKH4T3VpS7bkrsS0q7RD5iUIao7jH2lJqTk1TrLbQe28+R
H0X9Ya+w22iYFea2l3wkrTnBfgdSZbRhpSxgVvC2QEBMoSrEQoRpo5lzXadRlob/
RQ+rhu/cWCNeiRJzfkmNirPVEciGKQHrwKxxAgMBAAGjJjAkMCIGA1UdEQQbMBmg
FwYIKwYBBQUHCAWgCwwJKi5waGNuLmRlMA0GCSqGSIb3DQEBBQUAA4GBALFBalfI
oESZY+UyVwOilQIF8mmYhGSFtreEcUsIQvG1+cgD16glKehx+OcWvJNwf8P6cFvH
7yiq/fhMVsjnxrfW5Hwagth04/IsuOtIQQZ1B2hnzNezlnntyvaXBMecTIkU7hgl
zYK97m28p07SrLX5r2A2ODfmYGbp4RD0XkAC
-----END CERTIFICATE-----
- The hostname in the certificate matches 'phcn.de'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
Unfortunately, the above command spits out more than a certificate. Do I need the additional information? If so, what do I need it for? Where do I need to put the certificate file?Hi,
I recently found out a way how to install test or self-signed certificates and use it with S1SE.
See:
http://www.gtlib.cc.gatech.edu/pub/linux/docs/HOWTO/other-formats/html_single/SSL-Certificates-HOWTO.html
Follow the instructions there
1. Create CA
2. Create root ca certificate
Now install the root-ca-certificate in S1SE -> Security>Certificate Management and Install a "Trusted Certificate Authority".
Paste the contents of the file: cacert.pem into the message-text box.
Then restart the server. Now your CA-Cert should be visible in the Manage Certificates menu.
The next step is to send a certificate-request from S1SE to your e-mail-address.
The contents of the e-mail the server sends to you (certificate request) must be pasted into the file: newreq.pem.
Now just sign the Request:
CA.pl -sign
The last step is that you have to paste the contents of the file newcert.pem into the message-box of the Security>Certificate Management - now under the option Certificate for "This Server".
Then you have to reboot the server/instance again and it should work with your certificate.
Regards,
Dominic -
Problem in Authenticating Clients using SSL certificates in EP 7.0
Hi all,
Our team is configuring client authentication using ssl certificates to Enterprise Portal 7.0. We have exhausted our search on SDN and have also brought SAP on board to resolve this issue.
We have completed our configuration as defined in following links
http://help.sap.com/saphelp_nw04/helpdata/en/8a/8bc061dcf64638aa695f250ce7ca78/content.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/content.htm
and SAP note 583439.
But once a client types in the portal URL a message is shown that your certificate will be mapped to your user. Although we have manually mapped our certificate to a particular user but every time it asks for user ID and password.
So in short it dosent authenticate users on their certicates.
Following are snaps that I have taken from my default logs.
Latest snap.
Date , Time , Message , Severity , Category , Location , Application , User
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Wrote 147 bytes in 1 records, 126 bytes net, 126 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Read 672 bytes in 1 records, 651 bytes net, 651 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Sending alert: Alert Warning: close notify , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Wrote 9523 bytes in 24 records, 9019 bytes net, 375 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Read 11234 bytes in 21 records, 10793 bytes net, 513 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Sending alert: Alert Warning: close notify , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:250 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:953 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:265 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:952 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:623 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:592 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:639 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:279 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:966 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:637 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:606 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:653 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:293 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:980 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:620 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:667 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:666 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:322 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:291 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:979 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:635 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:619 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:291 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:275 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:947 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:931 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:603 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:587 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Resuming previous session... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Received v3 client_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:12:462 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:12:118 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:774 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:446 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:102 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:758 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:414 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:086 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:742 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:398 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:054 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:726 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:382 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:038 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:694 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:366 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:022 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:678 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:334 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:006 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:05:662 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:05:318 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Resuming previous session... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received v3 client_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Wrote 0 bytes in 0 records, 0 bytes net, 0 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Read 0 bytes in 0 records, 0 bytes net, 0 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Exception reading SSL message: java.io.EOFException: Connection closed by remote host. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Read 943 bytes in 3 records, wrote 861 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Exiting method , Path , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , oid: OBJECT ID = SubjectKeyIdentifier , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Certificate: Version: 3
Serial number: 4123385933
Signature algorithm: md5WithRSAEncryption (1.2.840.113549.1.1.4)
Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US
Valid not before: Tue Feb 20 09:17:00 EST 2007
not after: Wed Feb 20 09:17:00 EST 2008
Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US
RSA public key (1024 bits):
public exponent: 10001
modulus: c1f13eb65d6d1f934c6504427dedfd963284979fd61e5d64ac8de1c647f85085f84e173d3bee65837aa97030ebfa6b9521e042b1244de3444e7e82a26a3542a419d6f0bbf276b71e0fb3083a5ed8353852816deec7dd9ceb5ded748ec4a52cb068af1a5e93299f882ee9cb531a60cb0e4b77372c832556e8d993a601d7214741
Certificate Fingerprint (MD5) : BD:B4:9E:51:A9:FA:8B:9B:40:5B:85:6E:5A:CC:B1:68
Certificate Fingerprint (SHA-1): 4B:BB:43:8C:CC:DC:A1:92:56:40:CE:0B:8E:88:DA:28:EC:2A:46:52
Extensions: 1
, Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): ChainVerifier: Found a trusted certificate, returning true , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Not after: Wed Feb 20 09:17:00 EST 2008 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Not before: Tue Feb 20 09:17:00 EST 2007 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Serial: f5c5e04d , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , cert [0 of 1] , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Entering method with ([Ljava.security.cert.X509Certificate;@7bc735, iaik.security.ssl.SSLTransport@539802) , Path , , com.sap.engine.services.ssl.verifyChain () , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received certificate_verify handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received client_key_exchange handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Client sent a 1024 bit RSA certificate, chain has 1 elements. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received certificate handshake message with client certificate. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello_done handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate_request handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate handshake message with server certificate... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): CompressionMethods supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): CipherSuites supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Creating new session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received v2 client hello message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:146 , ssl_debug(72): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , Error in resource clean up for a disconnected client
java.lang.NullPointerException
at com.sap.engine.services.httpserver.dispatcher.Processor.closeConnection(Processor.java:1684)
at com.sap.engine.services.httpserver.dispatcher.Processor.fail(Processor.java:518)
at com.sap.engine.core.manipulator.TCPRunnableConnection.disposeConnection(TCPRunnableConnection.java:470)
at com.sap.engine.core.manipulator.TCPRunnableConnection$CloseThread.run(TCPRunnableConnection.java:1031)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:525)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Error , , com.sap.engine.services.httpserver.dispatcher , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , Cannot get input and output streams from socket. ConnectionsManipulator is not initialized.
[EXCEPTION]
java.io.EOFException: Connection closed by remote host.
at iaik.security.ssl.Utils.a(Unknown Source)
at iaik.security.ssl.o.b(Unknown Source)
at iaik.security.ssl.o.c(Unknown Source)
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.f.c(Unknown Source)
at iaik.security.ssl.f.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Error , /System/Network , com.sap.engine.core.manipulator.TCPRunnableConnection.init() , ,
02/27/2007 , 15:13:59:535 , Handshake failed
[EXCEPTION]
java.io.EOFException: Connection closed by remote host.
at iaik.security.ssl.Utils.a(Unknown Source)
at iaik.security.ssl.o.b(Unknown Source)
at iaik.security.ssl.o.c(Unknown Source)
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.f.c(Unknown Source)
at iaik.security.ssl.f.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Info , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Sending alert: Alert Fatal: handshake failure , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): IOException while handshaking: Connection closed by remote host. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello_done handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate_request handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate handshake message with server certificate... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): CompressionMethods supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): CipherSuites supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Creating new session 65:0B:55:9C:7D:29:83:F8... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Received v2 client hello message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
Regards,
Atif MukhtarAtif,
Did you get a solution to the problem you were having? We have a similar problem.
Thanks,
Dave -
Configuring SSL certificates on ALBPM Studio
Hi,
I am invoking a web service which is deployed on a web logic server which is a secure server and needs SSL certificates to communicate. I have the certificates but don’t know how to configure it to my ALBPM Studio.
Can I configure those to studio or do I need to deploy my code on the Enterprise edition installed on application server having these SSL certificates? But in that case I would land up investing so much time in deploying the code on server after even a small change. Since I don’t have those certificates configured to my studio it is not allowing me to catalog the service in my project and throwing Introspection error. The details of the error are mentioned below:
+[Error] Web Service WSDL parse exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target..+
+[Error] Instrospection exception: Web Service WSDL parse exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...+
Can anyone throw any pointers on this type of error
Thanks,
AkshayIn order to communicate with SSL secured webservices (those with WSDL end point starting as https:// you need to have certificates from these servers.
For BPM Standalone these are the steps
1. Download the .cer file from server. (One way is you can use IE browser to get that file and export it from browser to a local directory)
2. Put this file in %JAVA_HOME%\jre\lib\security. You can put it anywhere you want.
3. Run the following command at a command prompt:
C:\Program Files\Java\jre1.6.0_02\bin>keytool -import -trustcacerts -alias <CERT ALIAS NAME> -keystore ..\lib\security\cacerts -file ..\lib\security\gd_<cert file name>.cer
4. You will be prompted for a password. If you have not changed the password, it will be "changeit".
5. You will then get the following message if all is successful - "Certificate was added to keystore".
6. Restart Tomcat (inbuilt server in BPM Studio).
This should solve your problem.
Pls note that if you have not configured your keyStore then first do so. you will find this document handy to do so.
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html#Edit%20the%20Tomcat%20Configuration%20File
Arvind
Visit my blog at http://soa-bam-bi.blogspot.com/ for more tips on BPM & SOA -
SSL certificate problem on most https websites
Some https sites can not be reached in my system, and it is going to include more https sites as times goes by. I have noticed that the problem is the SSL certificate. I even check an arch iso and there I have the same problem. I tetsted two thing in case it rings any bell for you
omid@localhost›~⁑ curl -v https://github.com
* Rebuilt URL to: https://github.com/
* Adding handle: conn: 0x1757250
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1757250) send_pipe: 1, recv_pipe: 0
* About to connect() to github.com port 443 (#0)
* Trying 192.30.252.128...
* Connected to github.com (192.30.252.128) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* Unknown SSL protocol error in connection to github.com:443
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to github.com:443
in which you can see the problem. But
omid@localhost›~35↵⁑ curl -v3 https://github.com
* Rebuilt URL to: https://github.com/
* Adding handle: conn: 0xf31250
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0xf31250) send_pipe: 1, recv_pipe: 0
* About to connect() to github.com port 443 (#0)
* Trying 192.30.252.129...
* Connected to github.com (192.30.252.129) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
* subject: businessCategory=Private Organization; 1.3.6.1.4.1.311.60.2.1.3=US; 1.3.6.1.4.1.311.60.2.1.2=Delaware; serialNumber=5157550; street=548 4th Street; postalCode=94107; C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com
* start date: 2013-06-10 00:00:00 GMT
* expire date: 2015-09-02 12:00:00 GMT
* subjectAltName: github.com matched
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert High Assurance EV CA-1
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.33.0
> Host: github.com
> Accept: */*
>
< HTTP/1.1 200 OK
* Server GitHub.com is not blacklisted
< Server: GitHub.com
< Date: Fri, 06 Dec 2013 09:55:10 GMT
< Content-Type: text/html; charset=utf-8
< Status: 200 OK
< Cache-Control: private, max-age=0, must-revalidate
< Strict-Transport-Security: max-age=2592000
< X-Frame-Options: deny
< Set-Cookie: logged_in=no; domain=.github.com; path=/; expires=Tue, 06-Dec-2033 09:55:10 GMT; secure; HttpOnly
which seems OK. Is there even anyway to add certificate to avoid this strange behavior. I use an updated x86_64 KDE.
Last edited by nikta (2013-12-06 11:37:06)[omid@localhost ~]$ ldd `which curl`
linux-vdso.so.1 (0x00007fff8bd7c000)
libcurl.so.4 => /usr/lib/libcurl.so.4 (0x00007f9f479c6000)
libz.so.1 => /usr/lib/libz.so.1 (0x00007f9f477b0000)
libpthread.so.0 => /usr/lib/libpthread.so.0 (0x00007f9f47592000)
libc.so.6 => /usr/lib/libc.so.6 (0x00007f9f471e7000)
libssh2.so.1 => /usr/lib/libssh2.so.1 (0x00007f9f46fbe000)
libssl.so.1.0.0 => /usr/lib/libssl.so.1.0.0 (0x00007f9f46d51000)
libcrypto.so.1.0.0 => /usr/lib/libcrypto.so.1.0.0 (0x00007f9f46949000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9f47c2b000)
libdl.so.2 => /usr/lib/libdl.so.2 (0x00007f9f46745000)
[omid@localhost ~]$ pacman -Q|egrep '(openssl|curl|ca-cert)'
ca-certificates 20130906-1
ca-certificates-java 20130815-1
curl 7.33.0-3
lib32-openssl 1.0.1.e-2
mingw-w64-openssl 1.0.1e-4
openssl 1.0.1.e-5
Last edited by nikta (2013-12-06 13:15:18) -
Problem in installation of free SSL certificate on Weblogic using keytool
We tried to install SSL certificate on weblogic certificate using Keystore ..but it is giving error in console at startup and server shutdowns automatically...
Steps followed:-
1) To generate keystore and private key and digital cerficate:-
keytool -genkey -alias mykey2 -keyalg RSA -keystore webconkeystore.jks -storepass webconkeystorepassword
2) To generate CSR
keytool -certreq -alias mykey2 -file webconcsr1.csr -keyalg RSA -storetype jks -keystore webconkeystore.jks -storepass webconkeystorepassword
3) CSR is uploaded on verisign site to generate free ssl certificate.All certificate text received is paste into file (cacert.pem)
4) Same certificate is put into same keystore using following command
keytool -import -alias mykey2 -keystore webconkeystore.jks -trustcacerts -file cacert.pem
5) Before step 4), we have also installed root /intermediate certificate to include chain using following command.
(intermediateCa.cer file is downloaded from verisign site)
keytool -import -alias intermediateca -keystore webconkeystore.jks -trustcacerts -file intermediateCa.cer
6) After this configuration we used weblogic admin module to configure Keystore and SSL.
7) For KeyStore tab in weblogic admin module, we have select option Custom Identity And Custom Trust provided following details under Identity and Trust columns:-
Private key alias: mykey2
PassKeyphrase: webconkeystorepassword
Location of keystore: location of webconkeystore.jks file on server
8) For SSL tab in weblogic admin module, we have select option KeyStores for Identity and Trust locations.
Error on console:
<Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090034> <Not listening for SSL, java.io.IOException: Failed to retrieve identity key/certificate from keystore /home/cedera/bea9.0/weblogic90/server/lib/webconkeystore.jks under alias mykey2 on server AdminServer.>
<Nov 3, 2009 3:00:17 PM IST> <Emergency> <Security> <BEA-090087> <Server failed to bind to the configured Admin port. The port may already be used by another process.>
<Nov 3, 2009 3:00:17 PM IST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: Server failed to bind to any usable port. See preceeding log message for details.>
<Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Nov 3, 2009 3:00:17 PM IST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Nov 3, 2009 3:00:17 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
If anyone knows the solution ,please help us out.Thanx in advance.
I was really happy to get reply yesterday from "mv".I was not expecting such instant response.Thanx all guys for your interest and support.
I have solved this issue.
We have weblogic 9 on unix env.
Following steps which I followed:
#generate private key
keytool -genkey -v -alias uinbrdcsap01_apac_nsroot_net -keyalg RSA -keysize 1024 -dname "CN=linuxbox042, OU=ASIA, O=Citigroup, L=CALC, S=MH, C=IN" -validity 1068 -keypass "webconkeystorepassword" -keystore "cwebconkeystore"
#generate csr
keytool -certreq -v -alias uinbrdcsap01_apac_nsroot_net -file linuxbox042.csr -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass webconkeystorepassword
Then we uploaded this csr on verisigns free ssl certificate to generate and receive certificate text.
We copied that text file in "ert4nov2009.crt" rt file used below.
Apart from that , mail which we received from verisign also contains links to download root ca certificate and intermediate ca certificate.We downloaded them.
roo ca in "root4nov2009.cer" file.
intermediate ca in "intermediateca4nov2009.cer"
both these files used in
#import root certificate
keytool -import -alias rootca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "root4nov2009.cer"
#import intermediate ca certificate
keytool -import -alias intermediateca -keystore "cwebconkeystore" -storepass "webconkeystorepassword" -trustcacerts -file "intermediateca4nov2009.cer"
#install free ssl certifiate
keytool -import -alias uinbrdcsap01_apac_nsroot_net -file "cert4nov2009.crt" -trustcacerts -keypass "webconkeystorepassword" -keystore "cwebconkeystore" -storepass "webconkeystorepassword"
#after this admin configuration
In weblogic admin console module, we did following settings:-
1. under Configuration tab
a. Under KeyStore tab
For keystore , we selected "Custom identity and Custom Trust"
Under Identity,
Custom Identity Keystore:location of keystore "webconkeystore" on weblogic server
Custom Identity Keystore Type: JKS
Custom Identity Keystore Passphrase:password for keystore mentioend above.In our case, webconkeystorepassword
Same we copied Under "Trust", as we have not created separate keystore for trust.
Save setting.
b. Under SSL tab
Identity and Trust Locations: select "Keystores"
Private Key Alias: alias used while creating private keyi.e. in our case "uinbrdcsap01_apac_nsroot_net"
Save setting.
c. Under General tab
Check checkbox "SSL Listen Port Enabled"
and mention ssl port "SSL Listen Port"
Save setting.
After this activate changes.You might see error on admin module.
Using command prompt, stop the server and again restart and then try to access using https and port ...
you will definately get output...
in our case issue might be due to key size..we used 1024 key size ..it solve problem.
for your further reference plz find link below..it is also helpful.
http://download.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/nsapi.html#112674 -
Accepting runtime-specified SSL certificates in WebLogic 11g
Hi all!
In our application we need to call several Web Servervices based on URL's and trusted SSL certificates that are stored in database. Those certificates are self-signed but we cannot add them in the WebLogic truststore (we only want to accept them for those specific web service calls). This is 2-way SSL but our server refuses the remote certificate.
What is the right way to do this?
In WebLogic 10g we used to do the following:
WlsSSLAdapter adapter = new WlsSSLAdapter();
try {
// setup for client certificate
adapter.setKeystore(…);
adapter.setClientCert(…);
// setup for accepting the remote certificate
adapter.setTrustManager(new TrustManager() {
@Override
public boolean certificateCallback(X509Certificate[] paramArrayOfX509Certificate, int paramInt) {
return paramArrayOfX509Certificate[0] == expectedCertificate;
} catch (Exception e) {
throw new RuntimeException(e);
((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(weblogic.wsee.jaxrpc.WLStub.SSL_ADAPTER, adapter);However in WebLogic 11g it appears that even if the <tt>TrustManager</tt> is called (which we checked by using a debugger), WebLogic refuses the certificate:
<validationCallback: validateErr = 16>
< cert[0] = Serial number: 9232073310112809071929676484517784211
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=mestoudi2
Not Valid Before:Tue Nov 01 14:33:31 CET 2011
Not Valid After:Sun Nov 02 14:33:31 CET 2031
Signature Algorithm:MD5withRSA
>
<weblogic user specified trustmanager validation status 16>
<Certificate chain received from mestoudi2 - 10.142.0.23 was not trusted causing SSL handshake failure.>
<Validation error = 16>
<Certificate chain is untrusted>
<SSLTrustValidator returns: 16>
<Trust status (16): CERT_CHAIN_UNTRUSTED>
<NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
…I think the first difference occurs on the line "+weblogic user specified trustmanager validation status 16+" where in WebLogic 10g the value was 0 instead of 16.
If we check "Use JSSE SSL" in the WebLogic administration console (which switches the implementation to com.sun.net.ssl instead of com.certicom.tls), the <tt>TrustManager</tt> is not called at all.
We also tried to configure the <tt>TrustManager</tt> by implementing a <tt>javax.net.ssl.X509TrustManager</tt> that we set on a <tt>weblogic.wsee.connection.transport.https.HttpsTransportInfo</tt> passed to the stub using
((weblogic.wsee.jaxrpc.StubImpl) servicePort)._setProperty(TRANSPORT_INFO, transportInfo);But it is not called either – however it works for setting up a proxy for example. We are generating the stubs using the clientgen Ant task (<tt>weblogic.wsee.tools.anttasks.ClientGenTask</tt>).
We are a little bit stuck, any idea of what we should do? Is the WebLogic 11g behavior a regression or is there something else we should configure to get back the old behavior?Hello,
Weblogic has two keystores : identity (if you are doing 2 ways SSL) and trust. you should import your "external" certificate in the "trust" key store.
look at your server config to know your config : Home >Summary of Servers >AdminServer-->configuration-->keystore
I suggest that you change the default configuration (not using the demo one),
then when you know where is yo key store use the command line to add your certificate to trusted store (this is a example) :
opt/weblogic10_3_3/jdk160_18/jre/bin/keytool -import -noprompt -trustcacerts -alias BLCCertificateAuthority -file cacert2035.pem -keystore /opt/weblogic10_3_3/jdk160_18/jre/lib/security/cacerts
once your certificated is added to your trust store it should work.
I hope it will help. -
Jcontrol.exe not starting after creating ssl certificate
hi,
Iu00B4ve got a netweaver AS Java (only) 640 SP19. I tried to create a SSL certificate (Test) with visual admin and after importing "getCert" i wanted to restart the SAP-System. The problem is that jcontrol.exe has not been started and stayed grey (status: stopped).
Hereu00B4s a part of the dev-trace:
[Thr 3796] Thu Nov 20 16:17:36 2008
[Thr 3796] *** ERROR => invalid return code of process [bootstrap_ID103537200] (exitcode=-2) [jstartxx.c 1465]
[Thr 3796] JControlExecuteBootstrap: error executing bootstrap node [bootstrap_ID103537200] (rc=-2)
[Thr 3796] JControlExecuteBootstrap: execute bootstrap process [bootstrap_ID103537250]
[Thr 3796] INFO: Unknown property [JLaunchParameters=]
[Thr 3796] [Node: server0 bootstrap] java home is set by profile parameter
Java Home: D:\apps\j2sdk1.4.2_17-x64
dev_bootstrap:
trc file: "D:\usr\sap\CCM\JC10\work\dev_bootstrap", trc level: 1, release: "640"
node name : bootstrap
pid : 1992
system name : CCM
system nr. : 10
started at : Thu Nov 20 16:17:32 2008
arguments :
arg[00] : D:\usr\sap\CCM\JC10/j2ee/os_libs/jlaunch.exe
arg[01] : pf=D:\usr\sap\CCM\SYS\profile\CCM_JC10_iswdmz5
arg[02] : -DSAPINFO=CCM_10_bootstrap
arg[03] : pf=D:\usr\sap\CCM\SYS\profile\CCM_JC10_iswdmz5
[Thr 3736] Thu Nov 20 16:17:32 2008
[Thr 3736] INFO: Unknown property [box.number=CCMJC10iswdmz5]
[Thr 3736] INFO: Unknown property [ms.host=iswdmz5]
[Thr 3736] INFO: Unknown property [ms.port=3611]
[Thr 3736] INFO: Unknown property [system.id=10]
JStartupReadInstanceProperties: read instance properties [D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties]
-> ms host : iswdmz5
-> ms port : 3611
-> OS libs : D:\usr\sap\CCM\JC10\j2ee\os_libs
-> Admin URL :
-> run mode : NORMAL
-> run action : NONE
-> enabled : yes
Used property files
-> files [00] : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
Instance properties
-> ms host : iswdmz5
-> ms port : 3611
-> os libs : D:\usr\sap\CCM\JC10\j2ee\os_libs
-> admin URL :
-> run mode : NORMAL
-> run action : NONE
-> enabled : yes
Bootstrap nodes
-> [00] bootstrap : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
-> [01] bootstrap_ID10353720 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
-> [02] bootstrap_ID10353725 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
Worker nodes
-> [00] ID103537200 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
-> [01] ID103537250 : D:\usr\sap\CCM\JC10\j2ee\cluster\instance.properties
[Thr 3736] JLaunchRequestQueueInit: create named pipe for ipc
[Thr 3736] JLaunchRequestQueueInit: create pipe listener thread
[Thr 3564] JLaunchRequestFunc: Thread 3564 started as listener thread for np messages.
[Thr 3732] WaitSyncSemThread: Thread 3732 started as semaphore monitor thread.
[Thr 3736] NiInit2: NI already initialized; param 'maxHandles' ignored
[Thr 3736] [Node: bootstrap] java home is set by profile parameter
Java Home: D:\apps\j2sdk1.4.2_17-x64
JStartupIReadSection: read node properties [bootstrap]
-> node name : bootstrap
-> node type : bootstrap
-> node execute : yes
-> java path : D:\apps\j2sdk1.4.2_17-x64
-> java parameters : -Djco.jarm=1 -Djco.jarm=1
-> java vm version : 1.4.2_17-b06
-> java vm vendor : Java HotSpot(TM) 64-Bit Server VM (Sun Microsystems Inc.)
-> java vm type : server
-> java vm cpu : amd64
-> heap size : 128M
-> root path : D:\usr\sap\CCM\JC10\j2ee\cluster
-> class path : .\bootstrap\launcher.jar
-> OS libs path : D:\usr\sap\CCM\JC10\j2ee\os_libs
-> main class : com.sap.engine.offline.OfflineToolStart
-> framework class : com.sap.bc.proj.jstartup.JStartupFramework
-> registr. class : com.sap.bc.proj.jstartup.JStartupNatives
-> framework path : D:\usr\sap\CCM\JC10\j2ee\os_libs\jstartup.jar
-> parameters : com.sap.engine.bootstrap.Bootstrap ./bootstrap ID1035372
-> debuggable : yes
-> debug mode : no
-> debug port : 60000
-> shutdown timeout: 120000
[Thr 3704] JLaunchIStartFunc: Thread 3704 started as Java VM thread.
JHVM_LoadJavaVM: VM Arguments of node [bootstrap]
-> stack : 2097152 Bytes
-> arg[ 0]: exit
-> arg[ 1]: abort
-> arg[ 2]: -Denv.class.path=d:\apps\SAPJCo\sapjco.jar
-> arg[ 3]: -Djco.jarm=1
-> arg[ 4]: -Djco.jarm=1
-> arg[ 5]: -Dsys.global.dir=D:\usr\sap\CCM\SYS\global
-> arg[ 6]: -Dapplication.home=D:\usr\sap\CCM\JC10\j2ee\os_libs
-> arg[ 7]: -Djava.class.path=D:\usr\sap\CCM\JC10\j2ee\os_libs\jstartup.jar;.\bootstrap\launcher.jar
-> arg[ 8]: -Djava.library.path=D:\apps\j2sdk1.4.2_17-x64\jre\bin\server;D:\apps\j2sdk1.4.2_17-x64\jre\bin;D:\apps\j2sdk1.4.2_17-x64\bin;D:\usr\sap\CCM\JC10\j2ee\os_libs;D:\usr\sap\Python\.;d:\sapdb\programs\bin;d:\sapdb\programs\pgm;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\CA\SharedComponents\ScanEngine;C:\Program Files\CA\SharedComponents\CAUpdate\;C:\Program Files\CA\SharedComponents\ThirdParty\;C:\Program Files\CA\SharedComponents\SubscriptionLicense\;C:\Program Files\CA\eTrustITM;D:\apps\SAPJCo;D:\apps\j2sdk1.4.2_17-x64\bin;D:\usr\sap\CCM\JC10\exe;D:\usr\sap\CCM\SYS\exe\run
-> arg[ 9]: -Dmemory.manager=128M
-> arg[ 10]: -Xmx128M
-> arg[ 11]: -DLoadBalanceRestricted=no
-> arg[ 12]: -Djstartup.mode=BOOTSTRAP
-> arg[ 13]: -Djstartup.ownProcessId=1992
-> arg[ 14]: -Djstartup.ownHardwareId=D2128917885
-> arg[ 15]: -Djstartup.whoami=bootstrap
-> arg[ 16]: -Djstartup.debuggable=yes
-> arg[ 17]: -DSAPINFO=CCM_10_bootstrap
-> arg[ 18]: -DSAPSTARTUP=1
-> arg[ 19]: -DSAPSYSTEM=10
-> arg[ 20]: -DSAPSYSTEMNAME=CCM
-> arg[ 21]: -DSAPMYNAME=iswdmz5_CCM_10
-> arg[ 22]: -DSAPDBHOST=
-> arg[ 23]: -Dj2ee.dbhost=iswdmz5
[Thr 3704] JHVM_LoadJavaVM: Java VM created OK.
JHVM_BuildArgumentList: main method arguments of node [bootstrap]
-> arg[ 0]: com.sap.engine.bootstrap.Bootstrap
-> arg[ 1]: ./bootstrap
-> arg[ 2]: ID1035372
[Thr 3708] Thu Nov 20 16:17:34 2008
[Thr 3708] JLaunchIExitJava: exit hook is called (rc=0)
[Thr 3708] JLaunchCloseProgram: good bye (exitcode=0)
and the jvm_bootstrap.out:
Bootstrap MODE:
<INSTANCE GLOBALS>
determined by parameter [ID1035372].
Missing RunningMode property - runningin NORMAL mode.
Instance [ID1035372] will run in [NORMAL] mode, performing action [NONE]
Discovered property [instance.en.port] with value [3211] !
Discovered property [instance.en.host] with value [iswdmz5] !
Synchronizing file [.\.hotspot_compiler].
...Synched ok!
Synchronizing file [..\..\SDM\program\.hotspot_compiler].
...Synched ok!
Synch time: 922 ms
I hope this is enough information. Before importing the certificate from the SAP Support Portal the AS Java runned perfectly.
regards
Tobias NagelAdditional information:
When I deactivate SSL by switching from automatic starting to manual starting in the configtool the jcontrol.exe process starts without any errors. -
Hi Guys,
My scenarios are Idoc to EDI.
My Doubt is
What type of public SSL certificate needs to be purchased for production EDIINT/AS2?
What type of private SSL certificate needs to be purchased for production EDIINT/AS2?
I am not sure this belongs to PI or BASIS, so excyuse me.
Thanks
RameshHi,
Normally you need AS2 certificate and SSL certificate if the partner is connecting to you through https.
Thanks,
Satya. -
SA520 Wildcard SSL Certificate?
I have a wildcard SSL certificate for our domain from RapidSSL. I installed the intermediary certificates fine but I can't get the acutal cert to install. I get the message "Can't Upload Invalid Self Certificate" message. Has anyone else ever successfully used a wildcard cert with an SA?
Hello Mr. Williamson,
In order to get a new SSL certificate please follow the next instructions:
STEP 1 : Click Administration > Authentication.
The Authentication (Certificates) window opens.
STEP 2 For each type of certificate, perform the following actions, as needed:
• To add a certificate, click Upload. You can upload the certificate from the PC
or the USB device. Click Browse, find and select the certificate, and then
click Upload.
• To delete a certificate, check the box to select the certificate, and then click
Delete.
• To download the router’s certificate (.pem file), click the Download button
under the Download Settings area.
STEP 3 To request a certificate from the CA, click Generate CSR.
The Generate Certification Signing Request window opens.
a. Enter the distinguished name information in the Generate Self Certificate
Request fields.
• Name: Unique name used to identify a certificate.
• Subject: Name of the certificate holder (owner). The subject field populates
the CN (Common Name) entry of the generated certificate and can contain
these fields:
- CN=Common Name
- O=Organization
- OU=Organizational unit
- L= Locality
- ST= State
- C=Country
For example: CN=router1, OU=my_dept, O=my_company, L=SFO, C=US
Whatever name you choose will appear in the subject line of the generated
CSR. To include more than one subject field, enter each subject separated
by a comma. For example: CN=hostname.domain.com, ST=CA, C=USA
• Hash Algorithm: Algorithm used by the certificate. Choose between MD5
and SHA-1
• Signature Algorithm: Algorithm (RSA) used to sign the certificate.
• Signature Key Length: Length of the signature, either 512 or 1024.
• (Optional) IP Address, Domain Name, and Email Address
b. Click Generate.
A new certificate request is created and added to the Certification Signing
Request (CSR) table. To view the request, click the View button next to the
certificate you just created.
Or you could check it on the next link. please check page 191
http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/administration/guide/SA500_AG_OL1911404.pdf
hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.
Thank you -
Hi,
We are trying to install SSL certificate (Verisign Class 3) on iPlanet Web Server (version 7). However, at the final step we are getting the error "ADMIN4118: Only one server certificate can be installed at a time"
We are following the below steps,
Under "Server Certificates" tab,
-> Click on "Install" button.
-> On "Select Configuration" click on "Next" button.
-> On "Select Tokens and Passwords", select default token as "internal" and click on "Next" button.
-> On "Enter Certificate Data", select option as "Certficate File" and give path to the certificate file which is having .p7b extension
-> On "Certificate Details" we are getting warning as "Duplicate Server Details Found" and it's by default using the existing certificate's nickname.
-> On "Review" page after clicking "Finish" button, an error is displayed saying "ADMIN4118: Only one certificate server can be installed at a time"
There are multiple sub-domains availble and the new certificate we want to install contains one more sub-domain.
So, say currently the subdomains present are,
1.abc.com
2.abc.com
so on...
and now we are trying to install a SSL certificate having one more subdomain say 10.abc.com.
Please let us know if you have solution to this problem.
Thanks,
RajeshHi Rajesh,
That error is most commonly seen when you are trying to install a certificate chain into the Web Server.
The chain should be installed using the "Certificate Authorities" tab per the following steps:
1) Login to the Admin Console.
2) Click Edit Configuration from Common Tasks > Configuration Tasks.
3) Click the Certificates > Certificate Authorities tab from the Configurations page.
4) Click the Install... tab from the Certificate Authorities (CAs) page.
An Install CA Certificate Wizard opens. The wizard guides you through the settings available for installing a Certificate Chain. Select Certificate Chain when prompted for Certificate Type.
You should then see the CA and intermediate certificate(s) listed in the security database.
If you have access to MOS, more details can be found in the MOS KM Note:
Oracle iPlanet Web Server - 'ADMIN4118: Only one server certificate can be installed at a time' When Installing Certificate Chain (Doc ID 1925025.1)
regards
Tracey
Maybe you are looking for
-
When I tried the 2nd, 3rd, and 4th time to download 5.0.1, Firefox states that I have the latest version installed, but it still shows up as version 3.6.19 in the "about Firefox" box. And this older version is also reflected in your "educated guesses
-
Getting error while executing DTP
Hello, I am learning BI 7.0, am trying load master data from a flatfile to InfoObject. I am getting error when I execute DTP. I have 15 records in the file. Below are the message that I see in the DTP monitor - Extraction DataSource ( shows green
-
The CubeServices contains a method getAllInitiativeStatus(). The parameters are context id - in my PW_Sample there are two entries in CPMS_Context with ids of 45 and 48 so I entered 45 dbNameId - in CPMS_DBName the id for PW_samepl is 1 as of date -
-
Send mail from SAP system to another SAP system
Hello Xperts I need to send a mail from one SAP box (ECC) to another SAP box (SRM,CRM, EP etc). I know how to send mail from SAP to external address but unable to find the parameters in this case. Kindly help. thkx Prabhu PS: Kindly DONOT post on "Ho
-
IPhoto not imported correctly?
I purchased and installed Aperture the other day. I then opened it, but decided to close it immediately, and import my iPhoto library the next day. The following day I got ready to import my iPhoto library. According to page 174 of the pdf manual,